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Vulnerability Report 


February 22, 2021 


Realtek xPON router — Insecure credentials leakage (CVE-2021-27372) 


Release Date 
2021 Feb. 22th 


Affected Projects 
Realtek xPON RTL9601D Product 


Affected Versions 
Realtek xPON SDK 1.9 


CVE ID 
CVE-2021-27372 


Description 


Weak Credentials 


Security Risk 
High 


Page 1 of 2 


Realtek Semiconductor Corp. 
t? R F A L | F K No. 2, Innovation Road II, 
G D Hsinchu Science Park, Hsinchu 300, Taiwan 


Tel: +886-3-5780211; Fax: +886-3-5776047 


Patch 
Realtek xPON SDK 1.9 2021/02/05 (salted password feature enabled, and password 
stored encrypted). 


#HH 
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